|
Debuggers
Hi Exe-tool members!
I am a newbie, and I was wondiering if you guys have some suggestions to good debuggers, as I am sure that you know a lot more about this than I do! Regards, Slambert |
well, depends what do you want to debug, my preferences are as follows:
software cracking - OllyDbg malware analysis - IDA pro debugging my own code WinDbg |
You also need to read up on the operation of various debuggers. For example, OllyDbg is a "ring 3" debugger, while some of the older debuggers , such a Softice and WinDbg, are "ring 0". You need to understand the difference and a quick search on google should suggest to you the difference. Softice is/was a great debugger, but has issues with the newer operating systems.
Bear in mind that "technical terms" actually are important to use correctly. For example, IDA Pro is not actually a "debugger." Technically it is a "disassembler" which can map and permit one to explore the flow of the code. It actually has it's own debugger included with some of the versions, but generally it is not yet considered to be as good as some of the other stand alone "debuggers". Regards, |
some of debugger works only in x86 arch (ollydbg) and only windbg/ida works in x86 and in x64
|
ollydbg works in x64, but obviously will only debug 32 bit (x86) programs
|
IDA may be considered inferior to other debuggers, but it is an unfair and outdated opinion IMO.
Git |
I agree with Git the latest IDA is superb, versatile debugger! has only one drawback: the price:(
|
So we give SYSER a fair chance
Hello,
I miss SYSER in the contributions. Why neglected you him. I have many years of SOFTICE uses and now I use SYSER. SYSER has his problems, but he becomes better and better. If I think of SOFTICE 2.x, there were also many problems. So we give SYSER a fair chance. Yours faithfully (My English is a disaster, sorry) |
is it ironic that on a forum that is dedicated to cracking software that the drawback is price :)
|
debuggers only net app ? reflector
|
Quote:
Which version is the [superd] that you mentioned? I only used the debugger of 4.xx, and it is not so easy to handle as OD. Therefore, I have never tried the debugger of 5.xx. |
Quote:
|
i've been using version 5 recently, i originally found it hard to go from OD to IDA, but after a while you find that the graphs make things sooo much easier and you'll get used it after a while.
|
Quote:
I mastered the change from SoftICE to OllyDebug, but never got familar with IDA. It's really hard to understand all those potentialities of this program. It should be much easier, if they would make their IDA multilingual for learning it in the mother-language. Regards, squareD |
IDA is the best disassembler and is a growing debugger, is better each version, but I debug with olly and remote windbg or softice in ring0, and look the disassemble in IDA for analysis.
ricnar |
For my the best option it's IDA + Windbg for analiysis drivers and malware and everything else Olly :)
|
Sometimes, I use PEBrowseDbg to debug .NET apps.
|
I use integrated IDE debugger to debug apps. Ollydbg for sometime.
|
added:
DOS = TR :D |
Me, I prefer Ollydbg, cause it has become quite popular, even replacing softice. It's free and has trumendous support especially for scripting; you can find a lot of ollyscripts for unpacking protections for example.
IDA on the other hand is quite powerful for disassembling (windows/non-windows binaries) and can do a fair job for debugging. I use it for remotely debugging linux apps too. Note for SquareD: graphs in IDA are annoying indeed, but you can disable them. Right-click in the IDA-View window, and select Text View. |
In Windows, I use Visual Studio to debug my programs and Olly and IDA to debug others.
GDB and DDD are my choice of debuggers in Linux platforms. |
I think Ollydbg is best for unpacking.
When will the Ollydbg 2 be released? |
There was nice TRW2000 debugger for Win9x systems. Very useful for those familiar with SoftIce ;-)
|
Olly is handy for processes that are running where you also need to look which memory is used by what, so handy for packed programs and so on. Windbg is usefull for drivers and other such stuff. ida is awesome for understanding the codelogic and the disassembly, the debugger is fine too. ida can handle pocket pc exe's, linux exe's and images of various other kinds where other debuggers simply give up.. So ida is a must have for strange platforms (for example nds and so). But for strange platforms there is also codewarrior but disasembly with that and trying to understand what goes on is harder with that. I only tried it once or twice or so, likely it is way better now...
|
If you're a python fan, there's also Immunity Debugger (Ollydbg+Python, really) and PyDbg for coding things quickly.
|
Quote:
|
Quote:
|
what a bout debugger for x64 ...any one know Good one ??
soon or later x64 will come !!! |
windbg... that's all folks :)
|
Agree, WinDbg does everything.
Git |
Visual Studio (+ VisualDDK for kernel mode debugging).
|
All this with Remote debugging using VMware virtual machines really helps...
|
IDA + Olly for analysis malware and RE , windbg+vmware,soft-ice for drivers
|
Quote:
Quote:
|
Quote:
boeser.hacker |
take a look here, this uses GDB ad r0
Code:
http://hexblog.com/2009/02/advanced_windows_kernel_debugg.html |
anyone have a Good Paper or tut about debugging in X64 ....sure using one of the this debugger IDA or windbg .
I think we will open a new section for x64 I think it need more attention . I think we have very Good guys here how can be useful in this field . |
x64 is a great field of research, I'll collect some paper about this topic and make a post ;)
ps: about the topic, gbd can be used both r3 and r0, knowledge of gdb is a great thing open doors for various OS debugging. |
Quote:
Quote:
All of us r familiar with Olly and IDA . so anyway to make this inf available pls :rolleyes: Thanks for every thing ...Lol Check ur PM ( I will send a massage . |
I see there is no problem which debugger we must use
the important thing that you must know how to use the debugger in a correct way I use OllyDbg:D |
| All times are GMT +8. The time now is 05:55. |
Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2026, vBulletin Solutions, Inc.
Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX